Why Your VPN May Not Be As Secure As It Claims

Virtual private networking (VPN) companies often promote their services as a secure way to safeguard your internet activity from prying eyes. However, recent research suggests that this assumption might be dangerous, especially when connecting to a VPN over an untrusted network. Attackers on the same network could potentially divert a target’s traffic away from the protection offered by their VPN without alerting the user.

When a device attempts to connect to a network, it sends out a broadcast message to the entire local network requesting an internet address. Ordinarily, only the network’s router, responsible for managing the network, responds to this request. This response is facilitated by a Dynamic Host Configuration Protocol (DHCP) server, which assigns IP addresses and sets a designated local address, known as an Internet gateway, through which all connected systems access the web.

VPNs create a secure virtual network interface for communication by establishing an encrypted tunnel. However, Leviathan Security researchers have discovered a potential vulnerability in this setup. They found that it’s possible to exploit an obscure feature in the DHCP standard, known as DHCP option 121, to coerce other users on the local network to connect to a rogue DHCP server.

By running a DHCP server on the same network as a targeted VPN user and configuring it to use itself as a gateway, attackers can intercept and snoop on the user’s traffic. This abuse of DHCP option 121 allows attackers to push routing rules to the victim’s device that take precedence over those of the VPN, effectively diverting traffic away from the VPN’s encrypted interface.

This technique poses a significant threat, allowing attackers to force VPNs to establish new connections and intercept traffic without the user’s knowledge. Leviathan’s research highlights the need for robust security measures, especially on untrusted networks. They recommend using devices that ignore DHCP option 121, relying on cellular hotspots, or running VPNs inside virtual machines to mitigate this risk. However, they caution that even these measures may not offer complete protection against determined attackers.
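A defender-side check for the routing override described above, as an added example (not code from Leviathan or from this article): it decodes a DHCP option 121 payload in the RFC 3442 classless-static-route encoding and flags pushed routes that are more specific than a VPN route and would therefore win the route lookup. The function names, subnets, and sample bytes are constructed for illustration.

```python
import ipaddress

def parse_option_121(payload: bytes):
    """Decode RFC 3442 routes: [prefix_len][significant dest octets][4-byte router]..."""
    routes, i = [], 0
    while i < len(payload):
        plen = payload[i]
        if plen > 32:
            raise ValueError(f"invalid prefix length {plen} at offset {i}")
        n = (plen + 7) // 8  # only the significant destination octets are sent
        end = i + 1 + n + 4
        if end > len(payload):
            raise ValueError("truncated option 121 payload")
        dest = payload[i + 1:i + 1 + n] + bytes(4 - n)  # pad back to 4 octets
        net = ipaddress.ip_network((int.from_bytes(dest, "big"), plen), strict=False)
        router = ipaddress.ip_address(payload[i + 1 + n:end])
        routes.append((net, router))
        i = end
    return routes

def risky_routes(routes, local_subnet, vpn_routes):
    """Return pushed routes that would beat a VPN route on longest-prefix match."""
    local = ipaddress.ip_network(local_subnet)
    vpn = [ipaddress.ip_network(r) for r in vpn_routes]
    flagged = []
    for net, router in routes:
        if net.subnet_of(local):
            continue  # on-link LAN route; this traffic never used the tunnel
        # Strictly more specific than a VPN route: the kernel prefers it.
        if any(net != v and net.subnet_of(v) for v in vpn):
            flagged.append((str(net), str(router)))
    return flagged

# Constructed sample lease data (not captured traffic):
#   203.0.113.0/24 via 192.168.1.50  and  192.168.1.0/24 via 192.168.1.1
SAMPLE = bytes([24, 203, 0, 113, 192, 168, 1, 50,
                24, 192, 168, 1, 192, 168, 1, 1])

if __name__ == "__main__":
    pushed = parse_option_121(SAMPLE)
    # Assumption: the VPN installs a single default route through its tunnel.
    for net, router in risky_routes(pushed, "192.168.1.0/24", ["0.0.0.0/0"]):
        print(f"ALERT: DHCP pushed {net} via {router}, bypassing the VPN route")
```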
